CAST 618 - Designing and Implementing Cloud Security

The Designing and Implementing Cloud Security course provides comprehensive knowledge of cloud services, their characteristics, benefits, applications, and service models. The course will help professionals understand the risks and threats associated with cloud service adoption and migrating business-critical data to third party systems.

The program covers planning, designing, and implementing cloud security controls. It delves into various cloud standards, countermeasures, and best practices to secure information in the cloud. The program also emphasizes the business aspects of cloud security such as cloud uptime, uptime guarantee, availability, fault tolerance, fail-over policy, and how cloud security strengthens the business case for cloud adoption.

 


Most businesses around the world, small and large, use multiple cloud services to handle business-critical data. Though cloud services offer improved efficiency, reduced costs, greater accessibility and flexibility, they also increase security risk. Cloud leaders focus on measures to reduce data breaches, maintain confidentiality, and preserve integrity, authenticity and completeness. Other areas of concern are risk factors associated with virtual machines, vulnerabilities from shared resources, and issues with encryption.

Recent hacking attacks on Dropbox, Google’s DNS, LinkedIn, etc. are only indications of larger threats to cloud services and data security. According to the McAfee® Labs 2014 Threats Predictions report, deployment of cloud-based corporate applications will create new attack surfaces that will be exploited by cybercriminals.


 




Mr. Haja Mohideen is the VP- Technology and Co-Founder of EC-Council. He manages the certifications and training programs for EC-Council, and leads the product development team. He is known worldwide as the creator of the popular EC-Council certification programs Certified Ethical Hacker (C|EH), Computer Hacking Forensics Investigator (CHFI), EC-Council Certified System Analyst / Licensed Penetration Tester (ECSA/LPT) and EC-Council Certified Secure Programmer (ECSP), among others.

Haja has 17 years of experience specializing in the development, support and project management of PC software and hardware. He has trained various Fortune 500 companies as well as US government agencies. He is also the Master Trainer for EC-Council courses, and his training is often sought after globally. He has led training in many countries including Greece, India, USA, Indonesia, Singapore, England, Mexico, amongst others. Haja is also one of the few who are qualified to conduct train-the-trainer sessions for EC-Council courses.

Haja holds a Master's degree in Software Engineering and has numerous industry-wide IT certifications from Microsoft, IBM, Cisco, Motorola, 3COM, Adobe, Intel and many others. He carries over 90 vendor certifications.




























Module 01 Fundamentals of Cloud Computing
  • Cloud Computing
  • Cloud Computing Characteristics
  • Benefits of Cloud Computing
  • Economics of Cloud Computing
      • Direct Cost Saving
      • Productivity Improvement
      • Innovation
  • Application of Cloud Computing in Various Domains
  • Cloud Computing for Enterprises
  • Linux Security Countermeasures
      • Impact of Cloud Computing on Enterprises
  • Cloud Computing Service Models
      • Software as a Service (SaaS)
      • Platform as a Service (PaaS)
      • Infrastructure as a Service (IaaS)
  • Cloud Deployment Models
  • Private Cloud Computing
      • Pros & Cons of Private Cloud
  • Public Cloud Computing
      • Pros & Cons of Public Clouds
  • Hybrid Cloud Computing
      • Pros & Cons of Hybrid Cloud
  • Community Cloud Computing
      • Pros & Cons of Community Cloud
  • Cloud Computing Service Model Applications
  • Challenges in Cloud Computing Adoption
  • Major Barriers to Cloud Computing Adoption
  • 7 Steps for Migrating Services to Cloud
  • What Should Not be Moved to the Cloud
  • Cloud Computing Security Risks
  • Cloud Computing Attacks
  • Cloud Computing Security Considerations
  • Cloud Security Best Practices
  • Case Study
      • Interoperability Case Study
      • Cloud Computing Services
Module 02 Designing a Secure Cloud Computing Environment
  • Layers of Cloud Computing
  • Single and Multi-Tenancy Environments
  • Cloud SLA
  • Key Elements of SLA
  • Service Oriented Architecture
      • SOA Infrastructure
      • SOA and Cloud
  • Cloud Deployment Requirements
      • Hardware
      • Network
      • Software
  • Cloud Networking
  • Monitoring Performance
  • Utilities to Measure Network Performance
      • Traceroute
      • Ping
  • Communication Requirements for Cloud Implementation
  • Cloud Security
  • Physical vs. Virtual Security
  • Cloud Application Security Best Practices
  • Prerequisites for Building your Cloud Infrastructure
  • Cloud Computing Infrastructure
  • Cloud Computing Reference Architecture, Models and Framework
  • Cloud Computing Reference Models Classification
      • Cloud Reference Model
      • NIST Cloud Computing Reference Architecture
  • Cloud Cube Model
  • Types of Data Centers
  • Comparison between Cloud Data Center and Traditional Data Center
  • Transformation of the Traditional Datacenter
  • Data Center Design Standards
  • Data Center Design
  • Data Center Design Criteria
  • Data Center Tier System
  • Data Center and Cloud
  • Data Center Operations
  • Cloud Computing and Cloud Storage
  • Cloud Storage Networks
  • Online Storage Options
  • Primary Storage Options
  • Cloud Computing Providers
  • Google’s Cloud
      • Google App Engine Architecture
  • Storing Data
  • Build, Debug and Deploy Apps for Google App Engine using eXo Cloud IDE
  • Open Source Data Center
      • OpenNebula
      • NAS4Free
  • Open Source Data Center and Cloud Software
  • Pros in Deploying Open-Source Cloud Systems
  • Cons in Deploying Open-Source Cloud Systems
  • Cloud-based Server Capacity
  • Things to know about Cloud-based Server Capacity
  • Cloud Server Capacity Providers
  • Do’s and Don'ts of Cloud-based Server Capacity
  • Cloud Server Virtualization
  • Adding Disk Space After Resizing a Windows 2008 Cloud Server
  • Cloud Capacity Planning Tool: Server File System Analytics Utility: CopperEgg
  • Xeround Cloud Database for MySQL Applications
Module 03 Cloud Computing Standards
  • Why Cloud Environments Need Standards?
  • Benefits of Standardized Policies
  • Cloud Ecosystem and Standards
  • Role of Cloud Standard Organizations
  • Standards Development Organizations in Cloud Computing
    • Open Virtualization Format (OVF)
    • Open Cloud Computing Interface (OCCI)
    • Cloud Data Management Interface (CDMI)
    • National Institute of Standards and Technology (NIST)
    • Distributed Management Task Force (DMTF)
    • Storage Networking Industry Association (SNIA)
    • Organization for the Advancement of Structured Information Standards (OASIS)
Module 04 Cloud Uptime and Availability
  • Terminology
    • Response Time
    • Downtime
    • Disaster Recovery
    • Uptime
    • Failover
    • Fault Tolerance
  • Cloud Outage/Failure and their Impacts
  • Importance of ‘Uptime Guarantee’
  • Recommendations for Maximizing Uptime
  • Pingdom
  • Cloud Uptime Monitoring Tools
  • Cloud Availability
  • Recommendations for Cloud Providers to Improve Availability
  • Recommendations for Cloud Users to Improve Availability
  • Data Backup on Cloud
  • Cloud Backup and Disaster Recovery Benefits
  • High Availability Definition
    • What a High Availability Solution Does?
    • High Availability Software Solutions
  • Fault Tolerance
  • Fault Tolerance Techniques
    • Reactive Fault Tolerance Techniques
    • Proactive Fault Tolerance
  • Challenges in Implementing Fault Tolerance
  • HAProxy - The Reliable, High Performance TCP/HTTP Load Balancer
  • Cloud Failover Policy
  • SaaS-Specific Rider
  • PaaS-Specific Rider
  • IaaS-Specific Rider
  • Geminare's Cloud Recovery/Auto Failover
  • Load Balancing
    • What can be Load Balanced?
    • Load Balancing Process
  • Lessons to be Learnt from Cloud Outages
  • Rackspace Cloud Load Balancer Control Panel
  • Load Balancing Solutions
  • Best Practices for Optimal Cloud Performance
Module 05 Virtualization on Cloud
  • Virtualization Terminologies 
  • Introduction to Virtualization
  • Importance of Virtualization
  • Characteristics of Virtualization
  • Virtualization Techniques
  • Type 1 and Type 2 Hypervisors
  • Why we need Virtualization for Cloud?
  • Virtualization Vendors
    • VMware
  • Datacenter & Cloud Infrastructure Product: vSphere
  • Virtualization Vendors
    • Microsoft
    • Oracle
    • Citrix
  • Virtualization Security Best Practices for Administrators
  • Best Practices for VM Security
Module 06 Cloud Security
  • What is Cloud Security?
  • Top Ten Threats to Cloud Security
  • Data Breach
  • Data Loss
  • Account Hijacking
  • Insecure Interfaces and APIs
  • Denial-of-Service (DoS)
  • Malicious Insiders
  • Abuse of Cloud Services
  • Password Cracking Services on Cloud
  • Insufficient Due Diligence
  • Shared Technology Issues
  • Unknown Risk Profile
  • Cloud Sprawl
    • Dropbox Usage by Department
  • Cloud Security Controls
  • Cloud Security Control Layers
  • Placement of Security Controls in the Cloud
  • Cloud Security is the Responsibility of both Cloud Provider and Consumer
  • Encryption and Key Management
  • Tips to Protect Encryption Keys
  • Enhancing Encryption Strength: Hardware/Software Protection
  • Identity and Access Management (IAM)
  • Securing Identity Provisioning
  • Securing Authentication in SaaS and PaaS Environments
  • Securing Authentication in SaaS and IDaaS Environments
  • Federated Identity Management
  • Securing Federated Identity Management
  • Securing Access in Clouds
  • Using Security Assertion Markup Language (SAML) for Federated Single Sign-on
  • Using Service Provisioning Markup Language (SPML) for IAM
  • Using eXtensible Access Control Markup Language (XACML) for IAM
  • Using Open Authentication (OAuth) for IAM
  • IAM Standards for Consumers
  • CloudPassage
  • Cloud Security Vendors
  • Best Practices for Securing Cloud
  • NIST Recommendations for Cloud Security
  • Organization/Provider Cloud Security Compliance Checklist
Module 07 Cloud Configuration and Patch Management
  • Cloud Configuration Management
  • Cloud Configuration Management Approaches
  • VMware vCenter Configuration Manager
  • NephoScale's Configuration Management
  • Configuration Management Systems
  • Patch Management Challenges in Cloud
  • Vulnerable Areas that need Patch in Cloud
  • Patch Management Process Workflow
  • Patch Management Process Flow Overview
  • Patch Management Process
    • Preparation
    • Identification
    • Scheduling
    • Deployment
    • Post-Deployment
  • Major Challenges to the Patch Management Flow
  • Key Considerations for Patch Management in Cloud
    • Consistency
    • Automation
  • Creating Standardized Patch Management Policies
    • Creating Standardized Patch Management Policies based on Patch Severity
    • Creating Standardized Patch Management Policies based on Virtual Machine Category
  • Cloud-based Patch Management tools
    • ScaleXtreme
    • Viewfinity Patch Management
    • Dropbox Usage by Department
  • Checklist for Selecting a Cloud Patch Service Provider
Module 08 Penetration Testing and Risk Assessment
  • Cloud Computing Risk Assessment
  • Cloud Computing Risk Categories
    • Policy and Organizational Risks
    • Technical Risks
    • Legal Risks
  • Risk Assessment Metrics
  • What is Cloud Pen Testing?
  • Why Penetration Testing?
  • Penetration Test vs. Security Assessment
  • Phases of Penetration Testing
  • Key Considerations for Pen Testing in the Cloud
  • Scope of Cloud Pen Testing
  • Cloud Penetration Testing Steps
    • Step 1: Check for Lock-in Problems
    • Step 2: Check for Governance Issues
    • Step 3: Check for Compliance Issues
    • Step 4: Check Cloud for Resource Isolation
    • Step 5: Check if Anti-malware Applications are Installed and Updated on Every Device
    • Step 6: Check if Firewalls are Installed at Every Network Entry Point
    • Step 7: Check if Strong Authentication is Deployed for Every Remote User
    • Step 8: Check if File Transfers to/from Cloud Servers are Encrypted
    • Step 9: Check if Files Stored on Cloud Servers are Encrypted
    • Step 10: Check Data Retention Policy of Service Providers
    • Step 11: Check if all Users Follow Safe Internet Practices
    • Step 12: Perform a Detailed Vulnerability Assessment
    • Step 13: Check Audit and Evidence-gathering Features in Cloud Service
    • Step 14: Perform Automated Cloud Security Testing
  • Recommendations for Cloud Testing
  • Introduction to Virtualization
  • Prerequisites to Virtual Machine Pen Testing
  • Virtual Environment Pen Testing
  • Virtual Machine Penetration Testing Steps
    • Step 1: Scan for Virtual Environment
    • Step 2: Search for Virtual Environment
    • Step 3: Check if a Documented Policy Exists for Creating New Virtual Machines
    • Step 4: Create Inventory of Virtual Machines
    • Step 5: Check Patch Status of Host and Guest Operating Systems
    • Step 6: Check VM Configuration for Unused Emulated Hardware
    • Step 7: Check IP Addressing Information on Virtual NICs
    • Step 8: Check the Network Bandwidth Limit per VM
    • Step 9: Check Virtual Switches for Promiscuous Mode
    • Step 10: Perform Virtual Machines Stress Testing
    • Step 11: Try to Exploit Hypervisors using Automated Exploit Tools
    • Step 12: Try to Break Out of Guest VM
    • Step 13: Perform Vulnerability Assessment of Virtual Environment
  • Vulnerability Assessment Tool
    • VMinformer
  • Configuration Management Tools
    • Virtualization Manager
    • Tripwire
  • Virtualization Assessment Toolkit
    • Vasto
  • Virtualization Best Practices
Module 09 Cloud Computing Legal Issues
  • Key Legal Issues
  • Cloud Computing Contracts
  • General Terms used in Cloud Contracts
  • Non Negotiable Contracts
  • Issues with Sub Contracts
  • Business Continuity Issues
    • Example Clause: Business Continuity Issues
  • Interoperability Issues
  • Getting through SLAs
    • Example Clause: SLA
  • Vendor Transitioning
  • Tracking and Auditing Cloud Data
  • Privacy and Confidentiality
    • Example Clause: Privacy and Confidentiality
  • Geographic Jurisdiction
    • Example Clause: Geographic Jurisdiction
  • Limitations on Vendor Liability
    • Example Clause: Limitations on Vendor Liability
  • Ending the Arrangement
    • Example Clause: Ending the Arrangement
  • Compliance and Audit
  • Compliance Contract Challenges
  • Recommendations for Compliance and Audit
  • Taxation Challenges
  • Cloud Computing Legal Checklist
  • Checklist for Invalidating Legal Issues in Cloud Provider Selection
  • 9 Questions to Ask Before Signing a Cloud Computing Contract
  • 9 Best Practices for Cloud Computing Contracts
  • Cloud Computing Acts
Module 10 Using iPhones, Tablets and other devices to Access Cloud
  • Mobile Cloud Computing (MCC)
  • Mobile Cloud Computing Applications
  • Operating Systems for Smartphones
  • Mobile Web Browsers
  • Cloud Apps on Smartphones
  • Benefits of Mobile Access to Cloud
  • Limitations of Mobile Access to Cloud
  • Mobile Virtualization Platform (MVP)
  • Mobile E-commerce Security Checkpoints
  • Virtual Terminal
  • Working of a Virtual Terminal
  • Virtual Terminal Security Benefits
  • Mobile Cloud Collaboration Applications
  • iPhone apps for Business Collaboration
  • Android apps for Collaboration
  • Mobile Spy
  • Stolen Mobile Tracking Software
  • Threats of Mobile Malware
  • Mobile Cloud Threats and Countermeasures
    • Physical Security
    • Threats to Mobile Network Security
    • The Threat of Malware
  • Mobile Client Security Software
    • BullGuard Mobile Security
    • Lookout
    • WISeID
  • How to Set a Passcode on Lock Screen of iPhone 5
  • Secured Mobile Cloud Access
  • Mobile Device Security Guidelines for Administrator
  • General Guidelines for Mobile Platform Security
  • Best Practices for Secured Mobile Cloud Access

  • Fundamentals of cloud computing, cloud services, its characteristics, benefits, and applications
  • Cloud computing service models, deployment models and security considerations of cloud computing
  • Secure cloud computing environment design
  • Data center, online storage options, cloud based server capacity, and cloud server virtualization
  • Cloud computing standards
  • Cloud uptime, optimizing cloud performance, availability and its characteristics
  • Cloud fault tolerance, load balancing, and cloud failover policies
  • Best practices of virtualization and cloud implementation
  • Cloud security, cloud security control layers, encryption and key management, identity access management, federated identity management, and IAM standards for consumers
  • Cloud configuration management, patching modes, standardized policy creation, and cloud-based patch management tools
  • Cloud computing risk assessment and cloud penetration testing
  • Intrusion detection systems (IDS) in a cloud environment
  • Types of attacks on a cloud environment and techniques to overcome attacks
  • Legal issues such as cloud computing contracts, vendor transitioning, auditing cloud data, maintaining privacy and confidentiality, geographic jurisdiction, limitations on vendor liability, and taxation challenges
  • Compliance with established industry standards, acts, and laws including PCI-DSS, HIPAA, Sarbanes-Oxley, and Data Protection Act

  • IT Security Managers
  • Cloud Security Professionals
  • Entrepreneurs
  • Database and Web Developers
  • Security Auditors and Compliance Managers
  • Network and System Administrators

Duration: 3 days (9:00 – 5:00)





